An Email Swindle Hits Antwerp
June 13, 13On July 12, 2012, Yahoo disclosed that more than 400,000 usernames and passwords to Yahoo and other companies were stolen. The hack, a major breach of security for any firm, was not limited to Yahoo email accounts. One of Yahoo’s services, Yahoo! Voices, allows users to sign in with non-Yahoo email addresses. Gmail, AOL, and Hotmail accounts were also exposed,resulting in one of the worst nightmares for anyone that uses their email accounts for passing vital and confidential information.
Even if you are not a born member of the digital age, you rely heavily on digital communication in your daily life. For example, updating family members about confidential health information, receiving bills or sending invoices to clients.
The recent disclosure of US government eavesdropping on phone, Facebook and Gmail communications proves that those systems are open, and that – by court order or criminal drive – our private discussions are open to many eyes and ears.
The Yahoo hackers immediately published a list of 453,492 accounts belonging to Yahoo, Gmail, AOL, Hotmail, Comcast, MSN, SBC Global, Verizon, BellSouth and Live.com users, the New York Times reported. Anyone who wanted could at once pick up the stolen list, log into any of those accounts and get instant access.
Now ask yourself – do you have an account with one of those services? If so, have you heard of this theft? If the answers are ‘Yes’ to the first and ‘No’ to the second – you probably didn’t rush to change passwords. No one knows how many people belong to this group.
The Yahoo theft was the third such massive breach within a few short weeks that included more sites, including LinkedIn. In all, an estimated one million password accounts were exposed.
The Antwerp Con
Someone not only knew how to take advantage of such info, in a number of cases, someone did take advantage of it, and targeted the diamond industry. In the past few weeks, a number of diamond firms fell victim to a sophisticated con that involved hacking into email accounts.
All that was needed was patience. Email accounts belonging to diamond firms, including rough trading firms and polished buyers, were monitored as the criminals waited for an opportunity. In one case, a trader bought a diamond from a large manufacturer and received an invoice by email. The buyer, using a Gmail account, then asked to extend his credit from 60 to 90 days. The revised invoice stated that due to the change, he is requested to deposit the payment into a different bank account. And there was the con.
The email to the client was intercepted and the invoice revised. It looked just like the original, but with one extra detail – the change in bank account. That request to deposit the money into a different bank account was not part of the original invoice. Everything in the invoice was identical to the original invoice.
In this case, the sides figured it out by chance, and the buyer didn’t deposit the payment in the crook's bank account. However, consider the possibilities – with the diamond already in the buyer’s hand, and the payment made, the seller would have been out of luck – the diamond is gone and the payment will never arrive.
In another case, the buyer fell victim to the same swindle. This time, the buyer bought rough, and was required to deposit the payment before delivery. The seller, who used an AOL account, sent an invoice to the buyer, and here, too, the email was intercepted and the invoice altered. Once again, the buyer was asked to deposit the money into a bank account that belonged to the perpetrators.
This con was only discovered when the seller didn’t send the goods. Puzzled, they contacted the sellers who told them that they never got the money, and therefore never sent the rough.
The Hong Kong-Lebanese Connection
The buyer, an Antwerp based DTC Sightholder, decided to do something about it. They traced the bank account to a new company from Hong Kong and filed a complaint with the Hong Kong Police. They decided, however, to use the hacked email account and arrange for the diamond’s delivery as well. Greedy, the scammers swallowed the bait, and tried to “divert” the diamond to their hands. The details they gave led to a Beirut, Lebanon address.
This is clearly a global swindle targeting companies in Antwerp, diverting funds to Hong Kong and goods to Lebanon. Who knows where these email account hackers are based.
“We all send emails and trust them,” said the Sightholder, who asked not to be named. It is the regularity of using email that causes us to trust emails and miss the dangers. We wrongly assume that a sent email goes straight to the recipient. It doesn’t.
How to Protect Yourself
These are just two examples of the big email swindle. Quietly, and not for the record, others spoke of this, too. The Sightholder felt it was his duty to alert other traders. They told their clients about it, they announced what bank accounts they use and told their clients not to deposit payments into any other accounts.
Letting clients know that you are not changing bank accounts is one lesson. Double checking bank details by phone is another. If you want to check if your email account has been compromised as part of the Yahoo Voice Password leak, you can use a service by Sucuri Malware Labs: labs.sucuri.net/?yahooleak.
Follow Edahn on Twitter
Get in touch on LinkedIn
Connect on Facebook
Or email eg at edahngolan dot com